Launchpad CVE tracker

CVE 2017-7477

Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function.

Related bugs and status

CVE-2017-7477 (Candidate) is related to these bugs:

Bug #1650058: [Hyper-V/Azure] Please include Mellanox OFED drivers in Azure kernel and image

		In	Importance	Status
1650058	[Hyper-V/Azure] Please include Mellanox OFED drivers in Azure kernel and image	linux (Ubuntu)	Medium	Fix Released
1650058	[Hyper-V/Azure] Please include Mellanox OFED drivers in Azure kernel and image	linux (Ubuntu Xenial)	Medium	Fix Released
1650058	[Hyper-V/Azure] Please include Mellanox OFED drivers in Azure kernel and image	linux (Ubuntu Yakkety)	Medium	Fix Released

Bug #1662589: Touchpad not working correctly after kernel upgrade

		In	Importance	Status
1662589	Touchpad not working correctly after kernel upgrade	linux (Ubuntu)	High	Fix Released
1662589	Touchpad not working correctly after kernel upgrade	linux (Ubuntu Xenial)	High	Fix Released
1662589	Touchpad not working correctly after kernel upgrade	linux (Ubuntu Zesty)	High	Fix Released
1662589	Touchpad not working correctly after kernel upgrade	linux (Ubuntu Yakkety)	High	Fix Released

Bug #1672144: ifup service of network device stay active after driver stop

		In	Importance	Status
1672144	ifup service of network device stay active after driver stop	linux (Ubuntu)	Undecided	Fix Released
1672144	ifup service of network device stay active after driver stop	linux (Ubuntu Zesty)	Undecided	Fix Released
1672144	ifup service of network device stay active after driver stop	linux (Ubuntu Xenial)	Undecided	Fix Released
1672144	ifup service of network device stay active after driver stop	linux (Ubuntu Yakkety)	Undecided	Fix Released

Bug #1680328: Broken PowerNV PCI hotplug driver - Patch backporting to zesty

Summary				In	Importance	Status
	1680328	Broken PowerNV PCI hotplug driver - Patch backporting to zesty		linux (Ubuntu)	Undecided	Fix Released
	1680328	Broken PowerNV PCI hotplug driver - Patch backporting to zesty		linux (Ubuntu Zesty)	Undecided	Fix Released

Bug #1680888: Disable CONFIG_HVC_UDBG on ppc64el

		In	Importance	Status
1680888	Disable CONFIG_HVC_UDBG on ppc64el	linux (Ubuntu)	Medium	Fix Released
1680888	Disable CONFIG_HVC_UDBG on ppc64el	linux (Ubuntu Yakkety)	Undecided	Won't Fix
1680888	Disable CONFIG_HVC_UDBG on ppc64el	linux (Ubuntu Zesty)	Medium	Fix Released
1680888	Disable CONFIG_HVC_UDBG on ppc64el	The Ubuntu-power-systems project	Medium	Fix Released

Bug #1681429: POWER9: Improve performance on memory management

Summary				In	Importance	Status
	1681429	POWER9: Improve performance on memory management		linux (Ubuntu)	High	Fix Released
	1681429	POWER9: Improve performance on memory management		linux (Ubuntu Zesty)	High	Fix Released

Bug #1681469: Potential memory corruption with capi adapters

		In	Importance	Status
1681469	Potential memory corruption with capi adapters	linux (Ubuntu)	Undecided	Fix Released
1681469	Potential memory corruption with capi adapters	linux (Ubuntu Zesty)	Undecided	Fix Committed
1681469	Potential memory corruption with capi adapters	linux (Ubuntu Artful)	Undecided	Fix Released
1681469	Potential memory corruption with capi adapters	linux (Ubuntu Xenial)	Undecided	Fix Committed
1681469	Potential memory corruption with capi adapters	linux (Ubuntu Yakkety)	Undecided	Fix Released

Bug #1681875: Zesty update to v4.10.9 stable release

Summary				In	Importance	Status
	1681875	Zesty update to v4.10.9 stable release		linux (Ubuntu)	Undecided	Fix Released
	1681875	Zesty update to v4.10.9 stable release		linux (Ubuntu Zesty)	Undecided	Fix Released

Bug #1682130: Zesty update to v4.10.10 stable release

Summary				In	Importance	Status
	1682130	Zesty update to v4.10.10 stable release		linux (Ubuntu)	Undecided	Fix Released
	1682130	Zesty update to v4.10.10 stable release		linux (Ubuntu Zesty)	Undecided	Fix Released

Bug #1682215: [Hyper-V] mkfs regression in kernel 4.4+

		In	Importance	Status
1682215	[Hyper-V] mkfs regression in kernel 4.4+	linux (Ubuntu)	High	Fix Released
1682215	[Hyper-V] mkfs regression in kernel 4.4+	linux (Ubuntu Xenial)	High	Fix Released
1682215	[Hyper-V] mkfs regression in kernel 4.4+	linux (Ubuntu Yakkety)	High	Fix Released

Bug #1683982: net/ipv4: original ingress device index set as the loopback interface.

		In	Importance	Status
1683982	net/ipv4: original ingress device index set as the loopback interface.	linux (Ubuntu)	Medium	Fix Released
1683982	net/ipv4: original ingress device index set as the loopback interface.	linux (Ubuntu Yakkety)	Medium	Fix Released
1683982	net/ipv4: original ingress device index set as the loopback interface.	linux (Ubuntu Zesty)	Medium	Fix Released

Bug #1684971: [Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain

		In	Importance	Status
1684971	[Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain	linux (Ubuntu)	High	Fix Released
1684971	[Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain	linux (Ubuntu Yakkety)	High	Fix Released
1684971	[Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain	linux (Ubuntu Zesty)	High	Fix Released
1684971	[Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain	linux (Ubuntu Xenial)	High	Fix Released
1684971	[Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain	linux (Ubuntu Artful)	High	Fix Released
1684971	[Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain	linux (Ubuntu Cosmic)	High	Invalid
1684971	[Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain	linux-azure (Ubuntu)	Undecided	Fix Released
1684971	[Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain	linux-azure (Ubuntu Artful)	Undecided	Invalid
1684971	[Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain	linux-azure (Ubuntu Cosmic)	Undecided	Fix Released
1684971	[Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain	linux-azure (Ubuntu Xenial)	Undecided	Invalid
1684971	[Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain	linux-azure (Ubuntu Yakkety)	Undecided	Invalid
1684971	[Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain	linux-azure (Ubuntu Zesty)	Undecided	Invalid

Bug #1685140: Zesty update to 4.10.11 stable release

Summary				In	Importance	Status
	1685140	Zesty update to 4.10.11 stable release		linux (Ubuntu)	Undecided	Fix Released
	1685140	Zesty update to 4.10.11 stable release		linux (Ubuntu Zesty)	Medium	Fix Released

Bug #1685892: CVE-2017-7477: macsec: avoid heap overflow in skb_to_sgvec

		In	Importance	Status
1685892	CVE-2017-7477: macsec: avoid heap overflow in skb_to_sgvec	linux (Ubuntu)	Undecided	Fix Released
1685892	CVE-2017-7477: macsec: avoid heap overflow in skb_to_sgvec	linux (Ubuntu Zesty)	Undecided	Fix Released
1685892	CVE-2017-7477: macsec: avoid heap overflow in skb_to_sgvec	linux (Ubuntu Yakkety)	Undecided	Fix Released
1685892	CVE-2017-7477: macsec: avoid heap overflow in skb_to_sgvec	linux-hwe (Ubuntu)	Undecided	Invalid
1685892	CVE-2017-7477: macsec: avoid heap overflow in skb_to_sgvec	linux-hwe (Ubuntu Yakkety)	Undecided	Invalid
1685892	CVE-2017-7477: macsec: avoid heap overflow in skb_to_sgvec	linux-hwe (Ubuntu Zesty)	Undecided	Invalid
1685892	CVE-2017-7477: macsec: avoid heap overflow in skb_to_sgvec	linux (Ubuntu Xenial)	Undecided	Invalid
1685892	CVE-2017-7477: macsec: avoid heap overflow in skb_to_sgvec	linux-hwe (Ubuntu Xenial)	Undecided	Fix Released

Bug #1686414: linux: 4.10.0-21.23 -proposed tracker

		In	Importance	Status
1686414	linux: 4.10.0-21.23 -proposed tracker	linux (Ubuntu)	Undecided	Fix Released
1686414	linux: 4.10.0-21.23 -proposed tracker	linux (Ubuntu Zesty)	Medium	Fix Released
1686414	linux: 4.10.0-21.23 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1686414	linux: 4.10.0-21.23 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Fix Released
1686414	linux: 4.10.0-21.23 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Fix Released
1686414	linux: 4.10.0-21.23 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1686414	linux: 4.10.0-21.23 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1686414	linux: 4.10.0-21.23 -proposed tracker	Kernel SRU Workflow prepare-package-signed	Medium	Fix Released
1686414	linux: 4.10.0-21.23 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1686414	linux: 4.10.0-21.23 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
1686414	linux: 4.10.0-21.23 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
1686414	linux: 4.10.0-21.23 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
1686414	linux: 4.10.0-21.23 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
1686414	linux: 4.10.0-21.23 -proposed tracker	Kernel SRU Workflow upload-to-ppa	Medium	Invalid
1686414	linux: 4.10.0-21.23 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released

Bug #1686418: linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker

		In	Importance	Status
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	linux-hwe-edge (Ubuntu)	Undecided	Invalid
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	linux-hwe-edge (Ubuntu Xenial)	Medium	Fix Released
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Fix Released
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Invalid
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	Kernel SRU Workflow prepare-package-signed	Medium	Fix Released
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	Kernel SRU Workflow upload-to-ppa	Medium	Invalid
1686418	linux-hwe-edge: 4.10.0-21.23~16.04.1 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released

Bug #1686419: linux-raspi2: 4.10.0-1005.7 -proposed tracker

		In	Importance	Status
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	linux-raspi2 (Ubuntu)	Undecided	Fix Released
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	linux-raspi2 (Ubuntu Zesty)	Medium	Fix Released
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Fix Released
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Invalid
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	Kernel SRU Workflow upload-to-ppa	Medium	Invalid
1686419	linux-raspi2: 4.10.0-1005.7 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released

Bug #1686782: Need to stop using bzip2 compression in packages for zesty onward

		In	Importance	Status
1686782	Need to stop using bzip2 compression in packages for zesty onward	linux (Ubuntu)	High	Fix Released
1686782	Need to stop using bzip2 compression in packages for zesty onward	linux (Ubuntu Artful)	High	Fix Released
1686782	Need to stop using bzip2 compression in packages for zesty onward	linux (Ubuntu Zesty)	High	Fix Released

Bug #1686976: linux: 4.8.0-52.55 -proposed tracker

		In	Importance	Status
1686976	linux: 4.8.0-52.55 -proposed tracker	linux (Ubuntu)	Undecided	Invalid
1686976	linux: 4.8.0-52.55 -proposed tracker	linux (Ubuntu Yakkety)	Medium	Fix Released
1686976	linux: 4.8.0-52.55 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1686976	linux: 4.8.0-52.55 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Fix Released
1686976	linux: 4.8.0-52.55 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Fix Released
1686976	linux: 4.8.0-52.55 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1686976	linux: 4.8.0-52.55 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1686976	linux: 4.8.0-52.55 -proposed tracker	Kernel SRU Workflow prepare-package-signed	Medium	Fix Released
1686976	linux: 4.8.0-52.55 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1686976	linux: 4.8.0-52.55 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
1686976	linux: 4.8.0-52.55 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
1686976	linux: 4.8.0-52.55 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
1686976	linux: 4.8.0-52.55 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
1686976	linux: 4.8.0-52.55 -proposed tracker	Kernel SRU Workflow upload-to-ppa	Medium	Invalid
1686976	linux: 4.8.0-52.55 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released

Bug #1686978: linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker

		In	Importance	Status
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	linux-hwe (Ubuntu)	Undecided	Invalid
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	linux-hwe (Ubuntu Xenial)	Medium	Fix Released
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Fix Released
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Fix Released
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	Kernel SRU Workflow prepare-package-signed	Medium	Fix Released
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	Kernel SRU Workflow upload-to-ppa	Medium	Invalid
1686978	linux-hwe: 4.8.0-52.55~16.04.1 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released

Bug #1686979: linux-raspi2: 4.8.0-1036.39 -proposed tracker

		In	Importance	Status
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	linux-raspi2 (Ubuntu)	Undecided	Invalid
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	linux-raspi2 (Ubuntu Yakkety)	Medium	Fix Released
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Fix Released
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Fix Released
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	Kernel SRU Workflow upload-to-ppa	Medium	Invalid
1686979	linux-raspi2: 4.8.0-1036.39 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released

Bug #1691369: Zesty update to 4.10.16 stable release

Summary				In	Importance	Status
	1691369	Zesty update to 4.10.16 stable release		linux (Ubuntu)	Undecided	Fix Released
	1691369	Zesty update to 4.10.16 stable release		linux (Ubuntu Zesty)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2017-7477

References